r19977: * Fix a crash in the secure DNS update code. Don't free

  the host_principal memory while it is still being referenced
  by the gss code.
(This used to be commit 7a5a12e892171f0e1b6355f84ee920307834c81f)

diff --git a/source3/libaddns/dnsgss.c b/source3/libaddns/dnsgss.c
index fc674a7b8166b3e4f20377214616f21ba035d3f6..3d1a038363d0445cc693553ab89dbb11873700e8 100644 (file)
--- a/source3/libaddns/dnsgss.c
+++ b/source3/libaddns/dnsgss.c
@@ -243,10 +243,9 @@ DNS_ERROR dns_negotiate_sec_ctx( const char *target_realm,
        major = gss_import_name( &minor, &input_name,
                                 &nt_host_oid_desc, &targ_name );
 
-       krb5_free_principal( krb_ctx, host_principal );
-       krb5_free_context( krb_ctx );
-
        if (major) {
+               krb5_free_principal( krb_ctx, host_principal );
+               krb5_free_context( krb_ctx );
                err = ERROR_DNS_GSS_ERROR;
                goto error;
        }
@@ -254,6 +253,8 @@ DNS_ERROR dns_negotiate_sec_ctx( const char *target_realm,
        err = dns_negotiate_gss_ctx_int(mem_ctx, conn, keyname, targ_name,
                                        gss_ctx);
 
+       krb5_free_principal( krb_ctx, host_principal );
+       krb5_free_context( krb_ctx );
        gss_release_name( &minor, &targ_name );
 
  error: